How to configure computer delegation with PowerShell

By configuring computer delegation with PowerShell, you can determine whether you can access an Active Directory (AD) computer from another computer. This article will demonstrate the difference between unconstrained delegation, constrained delegation to any service, and constrained delegation to specified services.

Contents of this article:

  • The concept of computer delegation in a nutshell
  • Two different approaches
  • Unconstrained delegation to any service
  • Constrained delegation to specified services with Kerberos only
  • Constrained delegation to specified services only with any authentication protocol
  • Resource-based constrained delegation
  • Check the current delegation for a computer
  • Remove delegation

Read more from my guest article on 4SysOps

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s